Real-time Estimation of DoS Duration and Frequency for Security Control

TL;DR

The paper tackles real-time estimation of DoS attack duration and frequency using only past attack data, addressing scenarios where defender knowledge about the attacker is limited. It introduces a novel DoS estimator for bounds $B_d$ and $B_f$, with explicit update rules and finite-time reliability for non-edge-case attackers, and clarifies the fundamental limit via the limits $\,\limsup_{t\to\infty} |\Xi(0,t)|/t = \inf \mathcal{D}(\xi)$ and $\limsup_{t\to\infty} n_\xi(0,t)/t = \inf \mathcal{F}(\xi)$. The estimator is integrated into two anti-DoS control paradigms: adaptive sampling for average consensus in multi-agent systems, and adaptive impulsive control for nonlinear system stabilization, each with theoretical guarantees that hinge on the estimated bounds satisfying $B_d + B_f\Delta < 1$. Numerical simulations illustrate convergence of the estimates and show that estimator-based controllers maintain performance under unknown attacks, while highlighting the impact of parameters such as $\theta$, $\ell$, and $\epsilon_0$ on transient behavior. The work broadens the applicability of DoS-resilient control by removing the need for prior attacker information, and it outlines practical avenues for balancing security with resource efficiency in real deployments.

Abstract

In this paper, we develop a new denial-of-service (DoS) estimator, enabling defenders to identify duration and frequency parameters of any DoS attacker, except for three edge cases, exclusively using real-time data. The key advantage of the estimator lies in its capability to facilitate security control in a wide range of practical scenarios, even when the attacker's information is previously unknown. We demonstrate the advantage and application of our new estimator in the context of two classical control scenarios, namely consensus of multi-agent systems and impulsive stabilization of nonlinear systems, for illustration.

Figures (7)

• Figure 1: Top: The estimated duration-bound$\hat{B}_d (t)$ is generated by (\ref{['align:hatT_A(n)']}). Bottom: The estimated frequency-bound$\hat{B}_f (t)$ is generated by (\ref{['align:hattau_A(n)']}). (With $\theta = 0.67$ and $\ell = 2$.)
• Figure 2: Top: Consensus of MAS (\ref{['align:MAS']}) regulated by the sample-data controller (\ref{['align:MAS_ui']}). Bottom: The values of $\Delta_k$ generated by (\ref{['align:Delta_k_initialize']})--(\ref{['align:Delta_k']}) at each sampling instance, as well as the theoretical supremum of the intervals determined by Theorem \ref{['theorem:consensus_MAS_adaptive_sampling']}.
• Figure 3: Top: Stabilization of system (\ref{['align:nonlinear_system']}) regulated by the impulsive controller (\ref{['align:impulsive_control']})--(\ref{['align:impulsive_invalid_control']}). Bottom: The values of $\Delta_k$ generated by (\ref{['align:impulsive_Delta_k_initialize']})--(\ref{['align:impulsive_Delta_k']}) at each control instants, as well as the theoretical supremum of the intervals determined by Theorem \ref{['theorem:impulsive_stabilization_adaptive_interval']}.
• Figure 4: Estimations of $\xi$'s duration-bound (top) & frequency-bound (bottom) with different values of $\theta$ and $\ell$.
• Figure 5: Top and middle: The transient response of system (\ref{['align:nonlinear_system']}) under impulsive control (\ref{['align:impulsive_control']})--(\ref{['align:impulsive_invalid_control']}). The control sequences are generated using DoS estimators with $(\theta,\ell) = (0.9,2)$ and $(\theta,\ell) = (0.9,3)$, respectively. Bottom: The values of $\Delta_k$ generated at each control instant for different pairs of $(\theta,\ell)$.

Theorems & Definitions (40)

• Example 1
• Definition 1
• Definition 2
• Remark 1
• Proposition 1
• proof
• Lemma 1
• proof
• Remark 2
• Definition 3